You Know What's Missing From The Aaron Swartz Indictment? Any Mention Of Copyright

from the now-that's-interesting... dept

As we noted yesterday in our discussion of the indictment against Aaron Swartz, US Attorney Carmen M. Ortiz played up the standard, incredibly misleading, claims about how he was engaged in "theft." It's a standard claim from copyright maximalists that downloading anything without permission is "theft," even though the law is clear that infringement and theft are two different things. But... in reading and discussing this, we missed out on one very important point, that Mike Wokasch spotted: with all the things in the indictment, one thing that's missing is any copyright infringement claim. If you're going to talk up the "theft" angle, why not at least include a copyright infringement claim? Perhaps it's because the government knows that it would lose on that claim badly. Once you're on the MIT network, you are allowed to download these works. Thus, there's no infringement at all. That's a big problem for much of the case against Swartz, but the feds seem to think they can use the circumstantial evidence unrelated to the actual computer usage to convict Swartz by inference.

So, without even an allegation of copyright infringement, you really have to wonder where US Attorney Carmen M. Ortiz gets off claiming publicly that Swartz was involved in "theft." The indictment doesn't indicate any unlawful taking at all, even for those who (falsely) consider copyright infringement to be the equivalent of theft.

Isn't the fact that the indictment doesn't try to equate copyright infringement with "theft" a *good* thing? I mean, sure, it wouldn't seem out of character for the feds to call infringement theft, but itsn't it a little refreshing that here what they're calling "theft" isn't copyright infringement? Or at least they haven't tried to call it that yet.

Re:

They were clearly trying to assert that downloading those journals was theft, and then never charged him with anyting even vaguely related to theft. this is a railroading expedition because the guy tried to downloadd too much stuff, the bandwidth police got pissed off

Hacking does not require a copyright factor

It appears to me that the simple reason for the government to not mention copyright is that this element is irrelevant to the charges. IANAL, but I'm assuming that the laws on "computer fraud" and "obtaining information from a protected computer" don't require that the information being hacked is copyrighted, just private or in a protected environment. I think it's similar to the DMCA rules where you legally have a right to make back-ups of your own DVD, but in order to invoke this right, you have to perform an illegal act. I'm not saying I agree with this logic, just that there appears to be a legal precedent.

Re: Hacking does not require a copyright factor

Under 18 USC 1343 a requisite element of wire fraud is "obtaining money or property by means of false or fraudulent pretenses". Computer fraud, 18 USC 1030(a)(4) requires the person only to "obtain[] anything of value" which is somewhat more broad, but still requires there to be something of value.

I really can't see the establishment of value without copyright. Possibly she could argue that the value of the service provided by JSTOR is sufficient. However, since he had access to JSTOR legally, that seems like a stretch. Of course they don't have to allege criminal infringement in order to use copyright to establish value, but they do have to prove value and it seems like they would have to prove copyright infringement to do so.

Re: Re: Hacking does not require a copyright factor

The Computer Fraud and Abuse Act allows for charges where someone has harmed a computer or computer network or caused it damage. This includes overloading a network such that it cannot function properly. This is allegedly what Aaron has done, so the CFA charges are the most serious.

The wire fraud is more tenuous and will depend on interpretations of the JSTOR terms of use license for the purpose of downloading the information in question. It'll be a harder bit to prove, but it's also a dangerous charge. (And its common when there are fraud claims involving, well, wires like the phone or internet.)

The worst part, however, is that both affected parties (MIT and JSTOR) appear to have resolved the issues to their satisfaction with Aaron, but the US Attorney's still pursuing the matter. Don't we have more important crimes to go after?

Re: Re: Re: Hacking does not require a copyright factor

wire fraud is more tenuous and will depend on interpretations of the JSTOR terms of use license for the purpose of downloading the information in question,

This seems interesting. Could you elaborate on the relationship between the JSTOR Terms of Use and wire fraud?

Maybe I read the indictment wrong, but it looks three of the four counts require the government to prove that he acquired something of value. Count I and II are the fraud charges, so they require the acquisition of something of value. One element of Count III requires the information to be worth over $5,000.

Can they prove that the information is something of value without copyright?

Of course that still leaves Count IV, which requires them to prove that the damage exceeded $5,000. I'm assuming they would do that by valuing downtime for JSTOR and/or lack of access to JSTOR by MIT, so that seems more tenable. But that knocks his punishment down to 5 years, rather than the aggregate 35 years.

Re: Re: Re: Re: Hacking does not require a copyright factor

Basically, JSTOR 's terms of use might create the 'something of value' element the government needs. If JSTOR typically provides the articles for a subscription, and people agree to abide by terms of use in using that subscription, violating the terms of use might lead to an analysis that the retrieved documents, in the way they were retrieved, amounted to Aaron acquiring something of value. More over, if the way he retrieved it was using methods intended to trick the JSTOR system into thinking his access was under the terms of the use agreement, yet it was not, this could potentially meet the fraud element.

RIAA "value"

I'm sure the value will be "calculated" the way the RIAA calculates value; it will be the potential lost revenue had the downloaded data been released. The article mentions that they charge for many of the items if you aren't downloading from a "paying" institution.

Document ABC costs $1 per download, and "potentially" 300 people wouldn't download it if a free version existed. Multiply $300 * 4.1 million and you have over $12 million dollars of "infringement". ;)

Re: Re: Hacking does not require a copyright factor

Then why refer to "theft" so prominently in the press statements?

One of the basic principles of public speaking is to target your audience. If you know that the word "theft" has emotional weight to your target audience (the public), they you'll throw it around as much as possible. It doesn't mean that that terminology is used when they actually present the legal case.

Re: Hacking does not require a copyright factor

It appears to me that the simple reason for the government to not mention copyright is that this element is irrelevant to the charges.

It's true that it's not relevant to any of the charges in the indictment, but that's not the point.

One would have thought they would have also tried to obtain an indictment under 17 USC 506 for criminal copyright infringement given the nature of the things allegedly stolen.

There are plenty of reasons they might not have done so. Indeed, in this case, there seem to be facts that really mitigate against that charge. My original tweet was merely a comment on the difference between this case and another.

Re: Hacking does not require a copyright factor

It appears to me that the simple reason for the government to not mention copyright is that this element is irrelevant to the charges.

That wasn't my point at all. I wasn't saying you needed to show copyright infringement to prove the hacking charges. Just pointing out that they keep talking up "theft" and the obvious claim there is that there was some sort of infringement. But they don't make that charge anywhere.

Normally, you don't see anyone claim that garden variety hacking to access a system is "theft." So I was just pointing out the odd use of "theft" when they weren't even using a copyright claim.

Re:

Copyright is not relevant because the use of JSTOR is governed by a license agreement, the terms and conditions of which he is alleged to have broken (see point 5 of the indictment). Generally speaking, a license agreement between a company and a user trumps copyright law.

Re:

"Copyright is not relevant because the use of JSTOR is governed by a license agreement, the terms and conditions of which he is alleged to have broken (see point 5 of the indictment). "

Ok so? Breaking a license agreement is a CIVIL matter, not a 35 year felony. That is a matter between 2 private parties.

"Generally speaking, a license agreement between a company and a user trumps copyright law."

Wrong. Not only wrong, CATEGORICALLY wrong. You cant sign away rights that contravene the law. Otherwise, slavery would still exist and be legal. Just because you sign an agreement with someone doesnt mean they can put ANYTHING they want in there. Can you sign a contract to murder someone? No, because murder is against the law.

Re: Re:

You can sign away rights through a contract. However, a contract cannot be for illegal purposes. Therefore, I can't have a gambling contract with you in a state where gambling is not allowed.

Generally speaking, breaking a licensing agreement is a civil matter. However, if breaking that licensing agreement leads to unauthorized access and use of a computer system in violation of the Computer Fraud and Abuse Act, then it may lead to criminal liability.

So, while the commenter you have responded to is wrong, they are not categorically wrong. You're comment, however, is wrong.

Re: Re: Re: Re:

No, I'm afraid that you're categorically wrong. Let's say that copyright law allows me to make a certain use of an ebook (e.g. copy a chapter and upload it to my blog) but I sign a license agreement that expressly forbids this use. I am bound by that agreement, no matter what copyright law says.

Re:

No, I'm afraid that you're categorically wrong. Let's say that copyright law allows me to make a certain use of an ebook (e.g. copy a chapter and upload it to my blog) but I sign a license agreement that expressly forbids this use. I am bound by that agreement, no matter what copyright law says

Not quite true. There are certain aspects of copyright that you can't "license" away. Some you can, but others you can't.

Re:

Not exactly true.

You can still have a copyright infringement when the licensee exceeds the scope of the license. See, e.g., Jacobsen v. Katzer. The real question is whether the limitations on the right to access the material were a condition of the license or a mere contractual covenant. See, e.g., MDY Industries, LLC v. Blizzard Entertainment, Inc.

As I understand it, the ToS expressly provided that a user cannot download all of the works in a publication, rate-limited the number of downloads, etc.

Whether one or more of those meets the Jacobsen/MDY obligation or condition test is certainly a question.

Re:

You are correct. Here's a comment from the Ars Technica board that elaborates:

"MIT had a license for free access to JSTOR, but everyone at MIT has to obey the JSTOR TOS. I quote:

"2.2 Prohibited Uses. Institutions and users may not:
...

f. undertake any activity such as computer programs that automatically download or export Content, commonly known as web robots, spiders, crawlers, wanderers or accelerators that may interfere with, disrupt or otherwise burden the JSTOR server(s) or any third-party server(s) being used or accessed in connection with JSTOR;
...
i. download or print, or attempt to download or print: an entire issue or issues of journals or substantial portions of the entire run of a journal, other than on an isolated basis because of the relevance of the entire contents of a journal issue to a particular research purpose; or substantial portions of series of monographs or manuscripts;"

Since he was violating JSTOR's terms of service, he didn't have a copyright license, which means every single paper downloaded was infringing copyright (copying without authorization). As those collections of papers are extremely valuable, that almost certainly qualifies for criminal copyright infringement.

That said, I think it's pretty stupid to treat it that part of his activities as anything more than a civil matter between him and JSTOR, and that the law should be changed. As it stands, though, he's blatantly in violation of criminal statutes, so it isn't surprising he's been charged.

Charging him for breaking into MIT property is reasonable, of course, since he did (and obviously knew what he was doing wasn't allowed, at that, what with hiding his face from a security camera)."

Re: Re:

Since he was violating JSTOR's terms of service, he didn't have a copyright license, which means every single paper downloaded was infringing copyright (copying without authorization)

This is a square/rectangle issue. Infringing copyright IS copying without authorization, but copying without authorization is not necessarily infringing copyright. This commenter acts as though the two are one and the same, even though they are clearly not (as a simple example, any time you make legal fair use of a work you are 'copying without authorization' but it is not infringement)

Now, it seems certain he was violating the TOS, which is a contractual issue (or, as the feds are apparently claiming, a hacking issue) - and he may, separate from that, also have infringed on copyright (depending on the copyright status of the docs he downloaded and what he planned to do with them). But the fact that he violated the TOS does not automatically mean he infringed on copyrights.

Think of violating TOS as the rectangle, and infringing copyrights as the square.

Re: Re: Re:

Uh oh, I seem to be suffering a flare up of candidiasis carabi Time to break out the salve of reason.

OK. I'll type slowly so you can follow along. The point was that the use of copyrighted documents was conditional upon complying with the terms of service. Obtaining such docs in violation of the terms of service and the agreement is void and the recipient is infringing.

Re: Re: Re: Re:

Ah, I see you've replaced "prick" with "candidiasis carabi" - I must admit, part of me is curious to see what you come up with next! At least you're done playing the victim, and are ready to admit you are a dickhead troll again.

Yes, by disobeying the TOS he forfeited the limited license that TOS granted him. Nevertheless, that does not automatically make his actions infringing - he could still, for example, make a fair use defence (not that I think that's likely). The point is that it has to be separately demonstrated that he was infringing on copyright - violating a TOS does not automatically make something infringement. I'm not trying to say he didn't infringe any copyrights here - it's likely that he did - I just object to the casual conflation of "copying without authorization" and "copyright infringement" since the two are not the same thing.

Re: Re: Re: Re: Re:

Marcus,

From Wikipedia: "In Internet slang, a troll is someone who posts inflammatory[citation needed], extraneous, or off-topic messages in an online community, such as an online discussion forum, chat room, or blog, with the primary intent of provoking readers into an emotional response[2] or of otherwise disrupting normal on-topic discussion."

And while I can be inflammatory, I am not extraneous or off-topic. On the contrary, I am maintain 100% fidelity to my outlook. As far as inflammatory goes, what can I say? I have a visceral reaction to the lies, bullshit and distortion spewed by many of the nincompoops and free loaders who come here with their self-serving, self-entitled drivel. I'm not some pussy who parses words or is afraid to mix it up. But I also like to have some fun with it, otherwise the back-and-forth is reduced to shrill canned arguments and tired slights which is really boring. So, sorry if you have a problem being referred to as an annoying anal fungus (you generally are) or being a loyal member of the Order Of The Brown Nose, basking contentedly in the reflected glow of Masnick's minor celebrity. Please feel free to call me a "dickhead" "Troll" or "prick". After all, I've seen your spiffy poetry reading so there's really nothing you can say to me that will sting.

In all seriousness, I sometimes respect your point of view and acknowledge that you and others have noted some legitimate concerns in the course of our verbal jousting. Nonetheless, you are for the most part- totally full of shit- and I look forward to pointing out examples of that on an as needed basis. And I'm certain you'll do the same for me.

Re: Re: Re: Re: Re: Re:

I guess I was wrong - you are still playing the victim. It's cute - you are a total ass all the time (relentlessly mocking not just me but everyone who contributes to techdirt, all of whom are much nicer and more intelligent and creative people than you), and then when called on it you occasionally give these mature-sounding little speeches in order to pretend you've been totally rational all along.

Funny, just this week I've seen you completely disappear from a couple of threads in which someone proved you wrong, like when you insisted that Google doesn't have a separate news crawler bot (yes, we can all tell that was you). You were also quite roundly humiliated on your assertion that Nina's video about GEMA was trivial and pointless, and you handled that with all the grace and humility of a fat redneck stuck in an outhouse.

Whenever we raise those "legitimate" points you mention, you can't handle it so you run - either "away" or "in circles" depending on your mood.

Re: Re: Re: Re: Re: Re: Re:

Sorry. You got the wrong guy. I don't know what a news crawler bot is. I have never even bothered to watch, must less comment on Nina's Gema video. I don't think I commented on the Nina article at all. Tell me where the Google thing was and I'll tell you what my icon looks like, but I don't think I was in on that. For future reference, you'll generally only find me in discussions involving law and policy discussions related to intellectual property. I occasionally read the other stuff, but frankly don't give a shit about TSA prostate exams, copyright trolls or which monkey owns the rights to the self-portrait. Have your man-crush check the IP address of this post and those you refer to if you doubt this. As I said, I'm not afraid to mix it up. And on occasion I take my lumps. So be it.

FYI, your only legitimate point to date have been that piracy is substantially (but not entirely) a symptom of unmet market demand. And I have not been shy in expressing my belief to people not involved in these discussions that legislation and regulation cannot be a substitute for rolling out more a la carte services like Hulu Plus, Netflix, etc. And I haven't run away or in circles. A number of times, I've given my ship analogy. The corporations and licensing arrangements are far more complex, intrenched and bureaucratic than you can imagine. It's analogous to turning a cruise ship rather than a speed boat. It will take time. But lack of a timely response does not excuse people taking something that doesn't belong to them.

This is about the Computer Fraud and Abuse Act

The press releases from the US Attorney's office is couched in the language of the Computer Fraud and Abuse Act of 1986. I do a bit of an overview of the Act in a paper I wrote that you can find here: The Virtual Property Solution, http://ssrn.com/abstract=168800 (The CFA of 1986 discussion begins on page 21).

The use of the word theft to refer to Aaron's actions is simply because we misuse the word theft as it applies to non-property situations. (I also talk about this in the above paper and other papers I've written.)

So it's not about theft, it's about computer fraud and misuse. This is statutory and does not require elements of theft.

Re: This is about the Computer Fraud and Abuse Act

If you look at the indictment it references 18 U.S.C. § 1030, which is where the Computer Fraud and Abuse Act of 1986, as amended, is codified. (The other two are basic kitchen sink criminal charges; wire fraud is typically added in cases involving evidence of telecommunication/internet use, and forfeiture is a basic addon for most federal crimes).

More TLDR followup

The basic crux of the case is that Aaron accessed computer systems without authorization in violation of the Computer Fraud and Abuse Act of 1986. Based on the limited comments on the facts of the case so far it seems like a potential stretch—at least for a CIVIL CFA case—but the criminal side is a bit different.

On a side not about the CFA, it's the law that nailed the kid hacker in the oft-panned and highly unrealistic movie "Hackers." Aaron, Zero Cool, and Crash Override . . . all in the same boat.

Test Run

Seems more like a test run with a case they really don't care about, so they can really nail people they do care about. (i.e. Ananomous, Lulzsec, Wikileaks)
MIT and LSTOR both asked for charges to be dropped, so any convictions are just gravy to the prosecution.
We'll know for sure if they rush this through the courts.

Re: Where does the law say infringement and theft are different.

Oh don't be a dumbass. What is being discussed is copyright infringement and theft, which are indeed two whole separate areas of law.

No, there's probably no statute explicitly stating "Copyright infringement and theft are different" just like there's no statute saying "Jaywalking and murder are different" - that doesn't mean they are the same.

Please, go find me anybody who committed copyright infringement and was then charged with theft. Can't? Yeah, that's because they are completely unrelated as far as the law is concerned.

Almost certainly JSTOR does not hold the copyright in the articles. So, copyright is very likely a non-issue.

Bottom line: The person used an MIT "guest" account without authority to do so. When it became apparent to JSTOR and MIT that something was amiss and locked out the "guest" IP address, he proceeded to engage in a game of cat and mouse by creating new "guest" IP addresses, spoofed MAC addresses, broke into a closed area at MIT to engage in a bit of re-wiring, etc., etc., etc.

If ever there was a classic case of thumbing one's nose at the law, this is surely it. Perhaps a stint being incarcerated, and s stiff fine, may give him pause to reconsider the wisdom of his patently childish behavior.

"Damaging" the MIT computers?

Really? Using a computer damages it? I thought that was what they were made for. ;)

I did read charge 4 again just to make sure, but I don't see anywhere in there where there was any claim that he "damaged their COMPUTERS".

There was a "disruption of service" because he was using their servers at 100% which is what I think they are referring to as "damage" (basically degrading there network response time). More like a DOS attack than physical damage.

Larceny = theft = infringement = illegal activity = crime

It's nice how words are so important to you mike, of course 'infringement' sounds better than theft, just like accendental death sounds better than murder.

But it's a word, just a word, it does not at all change the ACT.

It's theft, it is an act that is against a law, therefore its a crime, and you have 'infringed' the law, by commiting a CRIME.... the crime of theft.

I know you will now redefine what "copyright" is, so you will say that taking something as a copy is not taking the copyright of the item.

But we all know that is not true, (we'll everyone it seems apart from a few here), you are stealing the "RIGHT TO COPY", not the copy yourself, and why Mike you cannot work that out is beyond me. Surely you are not that stupid, and if not you must be willing to lie.

Re: Larceny = theft = infringement = illegal activity = crime

Darryl, nobody is using "infringement" in the general dictionary sense of "infringing on the law" - they are using it as a shorthand for "copyright infringement", a specific thing with specific legal definitions.

Does this really need to be explained to you?

For example, publishing false statements about someone is "libel" under the law. Now, using a dictionary, you could also call those statements "fraudulent" since that word can just mean dishonest. But that doesn't mean that "libel" and "fraud" are suddenly identical under the law.

Re: Larceny = theft = infringement = illegal activity = crime

"Accidental death sounds better than murder"

Not only does "accidental death" sound better than "murder", it's also a TOTALLY DIFFERENT LEGAL CHARGE with totally different penalties. Kind of like "copyright infringement" is LEGALLY different than "theft". ;)

Re: Larceny = theft = infringement = illegal activity = crime

when are you people going to realise that it isn't what he has done, it is what he is accused of doing that counts? couple that with the fact that anyone accused of just about anything computer related now is assumed guilty unless/until they can prove/have evidence of innocence. the days of innocent until proven guilty are gone. the accuser is now always assumed to be right. back to the dark ages we go! as for US Attorney Carmen M. Ortiz, is there an election or similar coming up? is she trying to score points, or just make herself look like a complete twat? if it's the last thing, she is succeeding!

What he should have done was implement a distributed downloading scheme to spread to the bandwidth around in time and space, and then been patient. Maybe this is something that Anonymous could do with their time and resources instead of DDOS.

Re: They also didn't charge him with murder

Then your reading comprehension has failed. The entire point of the article is that in public statements he's being accused of "theft" and yet there's no charge of either real theft (physically removing an object or objects) or imaginary theft (copyright infringement).

nforming all of the people outside of Germany will do nothing. It's a fail. Getting a bunch of people on a blog (targetting the US, as Mike Masnick has recently said) upset about something happening in Germany sure isn't going to do much.

Getting on with German authorities, German newspapers, German press, things like that might have a hope. Otherwise, the yelling about it (or making a video about it) is sort of meaningless.

As for inciting a revolution, all I can say is she isn't inciting much of anything except perhaps a few snickers at this point. It seems the motto is "ready, fire, aim".

Seriously? "Its a fail" You think that is me talking? You should know by now I don't use trite, nerd-chic words and phrases like "conflating" "It's a fail" "troll" or any of the other buzz words that clearly mark one as a former dodgeball target and wearer of "kick me" signs. I'm old school. So, believe what you like or run your theory past the folks in your LARP league and see if they agree.